Network Protection | Threats

Hackers

Quite often a customer of ours asks: "Allora, who are hackers anyway?" In this article we'll answer this first question while avoiding any tech-talk around network threats! Instead we'll appeal to simple, real-life analogies. Shortly after we start answering it, another question naturally follows: "How can I protect myself against it?" Throughout this page you'll find links to another article with recommended protection methods against all the types of threats described below.

"Allora, who are hackers anyway?" Hackers want to gain full or partial control over a computer in order to: steal information, destroy it or alter it for fun or vengeance; use the computer's resources and bandwidth free of charge (often for illegal purposes); use the computer to launch another attack; or practice hacking skills for education or entertainment. Just as in any other field of human activity, hackers range from newbies to gurus. As their skills grow, it becomes more and more difficult to protect a computer and detect an intrusion. In fact, one of the top priorities in a hacker's attack is to remain invisible. Often a hacker will cover his/her tracks and build a secret backdoor for a convenient return visit, but won't do anything else whatsoever. While that might seem somewhat harmless, it is a very bad situation. Imagine that you come home from work, pop a DVD in, enjoy your dinner and all of a sudden you feel that you are not quite alone. Oh, yes, there is a stranger standing behind your couch and enjoying your movie as well - it's just that time of the year when he decided to check whether there is something new, something more interesting than a few months ago. Understandably you exclaim: how did he get here in the first place? Didn't I lock the door? Were those windows open? Perhaps my chimney is to blame... Oh, that's it! I "lost" my keys in the gym two months ago. Interestingly, all the scenarios above have distinct analogs in the computer world, and furthermore there are many other ways of computer intrusion that have no analogy in everyday life. Let's go over the classics one by one.

Unlocked door or key under your doormat: no password! Or perhaps you do have a password but it's too weak. Let us name a few easy-to-guess (weak) passwords: god, letmein, fortune and their "hi-end" variations: G0D, letm3in, 4tune. These days any password based on a dictionary word is considered to be extremely unsafe.
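The "hi-end" variations above are no safer than the plain words, because a password check (or a guessing tool) simply undoes the substitutions before looking the word up. As an added example that is not part of the original article, this Python check shows how a password policy can catch them; the wordlist, the substitution table and the function names are assumptions made for illustration.

```python
import itertools
import re

# Constructed sample wordlist; a real check would load a full dictionary
# plus a list of known-breached passwords.
WORDLIST = {"god", "letmein", "fortune", "password", "dragon"}

# Common look-alike and sound-alike substitutions (assumed, not exhaustive).
# Each character maps to every plain-text reading worth trying.
SUBSTITUTIONS = {
    "0": ["o"], "1": ["l", "i"], "3": ["e"], "4": ["a", "for"],
    "5": ["s"], "7": ["t"], "@": ["a"], "$": ["s"], "!": ["i"],
}


def plain_readings(password, limit=4096):
    """Yield lower-case readings of password with substitutions undone."""
    # Every character may also stand for itself, so keep it as a choice.
    choices = [SUBSTITUTIONS.get(ch, []) + [ch] for ch in password.lower()]
    # The limit bounds the work for long passwords full of digits.
    for combo in itertools.islice(itertools.product(*choices), limit):
        yield "".join(combo)


def dictionary_match(password, wordlist=WORDLIST):
    """Return the dictionary word the password is based on, or None."""
    # Also try the password with trailing digits/symbols cut off ("dragon123").
    stems = [password, re.sub(r"[\d\W_]+$", "", password)]
    for stem in stems:
        for reading in plain_readings(stem):
            if reading in wordlist:
                return reading
    return None


if __name__ == "__main__":
    # The article's own samples plus two constructed ones.
    for pw in ["god", "G0D", "letm3in", "4tune", "dragon123", "vR8#qLz2mTx"]:
        word = dictionary_match(pw)
        verdict = f"based on '{word}'" if word else "no word from the list found"
        print(f"{pw:12} {verdict}")
```

A `None` result only means the password is not built on a word in the list used; it says nothing about length or reuse.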

Open window: someone forgot to log off a computer or a browser session in a public place or at work.

Break-in through a chimney, garage or basement: the software running on your computer is not perfect; there are security holes that can be exploited, sometimes very easily. Regular maintenance and security checks are absolutely necessary. Firewalls are the most important defence mechanism here.

A stranger gave me a present. I bring it home and unwrap it holding my breath - oh, it's a gorgeous souvenir, I'm putting it in our living room. What I don't realize is that there is a treacherous mini-robot inside which will unlock my house at night: in the computer universe it means that I was tricked into visiting a specially crafted web site and picked up a trojan program. Or there are a few other possibilities: I launched an email attachment named funny.exe or resume.zip. Or I received an even more wicked email like "For security purposes we kept your attachment in a safe place at this address, now click here and have a nice day".

Eavesdropping is one of the ancient ones. You were sitting in a park with a glass of wine, watching kids playing around and birdies flying by. A coworker of yours called from work asking what your safe's combination is, as she has to help you with a project. Of course you told her the pass-code. Starting Monday, strange things begin happening around your project. Eavesdropping is very common in modern networks. It is widespread in the realm of wireless communications. Internet shopping and online banking from coffee shops or airports can be very unsafe.

We must mention a Denial of Service (DoS) Attack, which doesn't quite resemble any crime in the real world. Such an attack is designed to make your Internet communication channels inoperable. It is usually done by orchestrating a massive amount of Internet traffic to your servers over a short period of time. Servers or network devices like routers become overwhelmed as they simply drown in the flood of web requests, error correction traffic etc. Normal business operation is impossible until you reset your equipment and take measures against a recurrence of such an event (for instance via a firewall). Usually rather big players like Yahoo.com or Microsoft.com are targeted by DoS attacks.

And the last one, a good one: someone very careful, smart and patient watches your house for weeks; by now he knows your habits and schedule, and one day he carries out an artful plan of sneaking in despite your window bars, expensive locks, police surveillance and a 45 Colt under your pillow. The analogy here is the most upsetting: you have just fallen victim to a deliberate attack by a guru hacker, yet you are still confident in your sound protection and safety.

Finally, a few words about hackers in real life. What kind of people are they? They are obviously computer specialists: students, programmers and system administrators. The average age is quite young for a variety of social and psychological reasons. There are well-established categories of hackers: Black Hats - highly skilled cyber criminals; White Hats - security gurus (often former Black Hats) who put their efforts into fighting cyber crime; Grey Hats - people playing on both sides; such a person can be hired to protect some company's network while perfecting technique and learning new tricks by attacking targets of interest in spare time; Script Kiddies - kids, teens and adults with limited skills but unlimited ambitions, whose abilities are restricted to using pre-written scripts or procedures defined by Black Hats. The history of hackers started in the early '80s and it won't end as long as networks as we know them exist.

Viruses, Trojans, Worms

These are malicious programs written mostly by hackers in order to automate their actions and facilitate their attacks. This is the most common of all threats.

The first virus was born as soon as a malicious programmer figured out a way to automate or facilitate his activity. As one can guess from its name, a virus spreads like a disease, but it infects computers instead of living organisms. More accurately, a virus infects files and/or memory. In the early days of the '80s viruses focused on executable files, and thus every time a user launched an infected file, more healthy executable files would be sought out and infected. These days the type of file is not so important - it can be a picture, an archive file, a screen saver, you name it! Viruses don't just spread innocently; at a certain point something destructive is done: deleting files, corrupting boot records, attacking other computers over the Internet, presenting unwanted material such as links to porn sites, protest Web pages etc.

A Trojan is a stand-alone computer program distributed as part of "free" software or deployed by a virus or worm. It is usually set to launch automatically at startup. So Trojans do not spread on their own - what do they do? Most often Trojans provide a backdoor entrance to a computer, hence the name. Often Trojans report important information from your computer to hackers through Web or IRC channels.

A Worm is similar to a virus but it travels by itself (no infection of other files - it just eats and travels through your apple). It propagates automatically through email, by exploiting vulnerable web sites and so on. The objective remains the same: soliciting, dropping Trojans and destroying information. If you are interested in the evolution of these nasty beasts, you are welcome to take a look at the Timeline of Virus History (http://www.infoplease.com/ipa/A0872842.html).

There's a never-ending battle going on between virus creators and AntiVirus developers.

Mail Spam

Unless you are extremely lucky or don't use email at all, the concept of Mail Spam doesn't need to be explained. We can safely assume that every email address out there receives certain unwanted email messages containing advertising. The number can range from a few per day to a few hundred per day if a user wasn't careful enough about keeping her/his email address private and confidential. Spammers send their messages hoping that at least one out of hundreds or thousands of recipients will actually visit an advertised site and maybe 1% of those will spend money on some product or take the bait (virus?). It seems to be a rather inefficient marketing campaign, but its cost is next to zero. It is similar to the process of spawning among fish. After all, the chances that each fish egg survives and develops into an adult individual are negligible; nevertheless there are plenty of fish on this planet. If we could only make caviar out of Mail Spam! According to our observation, SPAM constitutes 80-95% of all email traffic for Allora's customers. Luckily there are AntiSpam tools that effectively reduce SPAM almost to zero.

SpyWare / AdWare

Right this second you are reading this article on the Web, probably using Internet Explorer, which almost guarantees that you are familiar with the Pop-Up Window phenomenon. With luck you only see such advertising windows when browsing annoying web sites. However, in some cases even after you close your browser, every so often a pop-up will happily jump over your current application. That's when the word AdWare and the more general term SpyWare come into play. When a SpyWare program exists on your computer you will notice a slower Internet connection, a slower operating system and sometimes pop-ups. In a sense SpyWare is not very different from Trojans. It usually comes as a hidden component of freeware or shareware programs like Weather Bug, Kazaa, Casino Games, etc. Then SpyWare covertly gathers user information, usually for advertising purposes (remember Mail Spam?). SpyWare monitors user activity on the Internet and transmits that information in the background to someone else. SpyWare can also gather information about e-mail addresses and even passwords and credit card numbers.

Browser Hijacking

Browser hijacking is probably the worst kind of SpyWare threat. It doesn't just present you with unwanted information; instead it cripples truly useful and important Web sites like google.com or Yahoo. While the front page looks similar to the real site, as soon as you start using it tons of unrelated material are displayed and the site generally becomes useless. Another lovely hoax is to redirect you from an Online Banking page to a bogus one where you would expose your user name and password. We'll leave it to your imagination as to what occurs next.